War Stories and Other Helpful Information

Ransomware in the first half of 2022 Compared to 2021, the amount of publicly reported ransomware attacks has increased across most months according to BlackFog’s 2022 state of ransomware report. These numbers are significantly higher than in 2020 and could be a result of the specific sectors being attacked. Certain industries, like education and government, don’t have the luxury to pause operations, and are sometimes have no choice but to pay ransoms if they don’t have proper data backups. In addition, industries like technology and healthcare are seeing a rise in ransomware attacks, likely due to the sensitive nature of

Who is LockBit? LockBit is a multimillion-dollar ransomware group that offers ransomware as a service. It treats ransomware as a business and even has affiliate marketing, bug bounty, and HR programs. Using its revenue, it hires individuals to write its ransomware software. LockBit is one of the most active ransomware groups.  At LockBit, “employees” do not execute the initial exploit themselves; instead, they place ads on the dark web to offer initial access. In these ads, LockBit states it will provide everything you need to deploy ransomware, and then splits the ransom profits with the threat actor. LockBit 3.0 This

Reports show that globally, in 2021, the number of ransomware attacks increased significantly. Not only did the level of frequency grow, but so did their level of sophistication. Ransomware as an industry is escalating and it’s important to know what to look for to better protect sensitive data. Here are several trends to be aware of and steps to help mitigate the risk of attack: Cybercriminal Services for Hire The ransomware market has become more sophisticated and professional in recent years, making attacks harder to distinguish. It has also become more collaborative, with cybercriminals utilizing ransomware-as-a-service (RaaS), engaging with third-party

How Much Money Does Your Incident Response Team Make on Ransom Payments? A common trend in the cybersecurity space is incident response teams making a profit on a percentage of the ransom payments paid out to threat actors when a ransomware attack occurs. Since this profit is often far more than the fees the incident response team would pay a crypto currency broker, the incident response team is making money from a situation it should be trying to avoid at all costs. To truly understand the conflict of interest for an incident response team paying the ransom, let’s look at

According to a survey of managed service providers for SMEs, only 30 percent felt that ransomware was a critical threat, perhaps indicating an attitude that it only affects larger corporations. This couldn’t be further from the truth. In fact, a single ransomware “gang” took on 63 companies in 2021 so far, including schools, local government agencies and healthcare services. Smaller businesses may, in fact, be more at risk because of several factors. Lack of Cybersecurity Training Any company that connects to the internet and holds data of any kind is at risk from threat actors. This means every organization is at